SonicWALL 5.8.1 Microscope & Magnifier User Manual


  Open as PDF
of 1490
 
Firewall Settings > Advanced
715
SonicOS 5.8.1 Administrator Guide
Apply firewall rules for intra-LAN traffic to/from the same interface - Applies firewall rules
that is received on a LAN interface and that is destined for the same LAN interface. Typically,
this only necessary when secondary LAN subnets are configured.
IP and UDP Checksum Enforcement
Enable IP header checksum enforcement - Select this to enforce IP header checksums.
Enable UDP checksum enforcement - Select this to enforce IP header checksums.
UDP
Default UDP Connection Timeout (seconds) - Enter the number of seconds of idle time you
want to allow before UDP connections time out. This value is overridden by the UDP
Connection timeout you set for individual rules.
Connection Limiting
The Connection Limiting feature provides an additional layer of security against distributed
denial of service (DDoS) attacks by limiting the number of connections that can be initiated from
or to individual IP addresses.
Enable connection limit based on source IP - Select to limit the number of connections
that can be made from a single source IP address. By default, the limit is set to 128. To
modify this, enter a value in the Threshold field.
Enable connection limit based on destination IP - Select to limit the number of
connections that can be made to a single destination IP address. By default, the limit is set
to 128. To modify this, enter a value in the Threshold field.
In addition to these configurable settings for individual IP addresses, all SonicWALL security
appliances have a built-in limit on the total number of connections allowed. For more
information on this feature, see “Connection Limiting Overview” on page 612.